Antivirus XP 2008 - Newest Malware On The Internet

Just so you're all aware there is a new malware being spread out on the net. I got hit with it earlier today visiting what looked like a legitimate video site.

It's called "Antivirus XP 2008" and is attached to a download of a codec pack that you are told is needed to view a video or picture.

(It may also be attached in a message that you need an ActiveX update)

It actually plants a constant image on a blue desktop (you lose your desktop image, if you have one) and a constant pop-up generates, telling you that a virus has been detected and directs you to a very good replica of a microsoft page that wants $50 - $100 for the Antivirus XP 2008 cure (depending on the package you purchase). It is a POS and also has to be removed.

Luckily, I figured it out before buying, but it still took me 4 hours to clean my folders, files, and registries. I also had to create a new registry to get back my screensaver and desktop background option tabs.

Below are some basic instructions for manually removing this malware. Please read carefully and perform at your own risk!

First you need to stop the program from loading on startup. This is what you do to stop it:

Click "Start," then, "run"

Type: msconfig

Go to Startup tab

Uncheck lphc35dj0e1an <----- These number/letters may be different

Uncheck rhc75dj0e1an <------- but will be similar to each other. Usually two that are very similar. These were taken from my computer.

Click: apply

Sponsored Links

• NOSTALGIA FINDER Remember what Mom threw away when you "grew up"? Wish you had it now? Now you can find it!
• SEARCH BEACON More than a search engine. Dating, Horoscopes, Shopping, and much more available!
• MILITARY INFO Find out what is happening around the world from military sources.
• EDUCATION INFO Need the top resources on Education? This site has it.
• CREDIT REPAIR The best site for fixing your credit reports and credit problems FAST!
• COMPUTERS A great resource for new and used computers, laptops, and even vintage equipment.
• iPHONES Need one? This site has a highly filtered search giving you just the phones without those who offer the unwanted codes.

Stop XP Antivirus 2008 Processes:

Access Processes by pressing Cont+Alt+Delete simultaneously (1 time)

(All below may or may not be present - stop any found)

vav.exe

XPAntivirus.exe

XPAntivirusUpdate.exe

xpa.exe

xpa2008.exe

Click: OK

Restart computer

Then you need to delete the main files this program uses. Delete the following files.

C:\windows\system32\lphc35dj0e1an.exe <------ Again, your .exe may be different than these!

C:\program files\rhc75dj0e1an\rhc75dj0e1an.exe

Also, do not forget to do a file and folder search...

Find and Delete these XP Antivirus 2008:

(may or may not be present)

xpa.exe

vav.exe

xpa2008.exe

XPAntivirus.exe

XPAntivirusUpdate.exe

XP antivirus

XPAntivirus.lnk

Uninstall XPAntivirus.lnk

XPAntivirus on the Web.lnk

XPAntivirus.url

XP Antivirus 2008.lnk

Uninstall XP Antivirus 2008.lnk

This should remove the program from your system but you probably still have a warning message displayed as your wallpaper in Windows and the virus removed the ability to change the wallpaper or your desktop settings.

To restore ability to change your desktop settings and select a different wallpaper and screen saver do the following:

Click: Start->Run->type: regedit ->click "OK"

Open the following folders\subfolders in order:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\

CurrentVersion\Policies\System

“System” being the last sub-folder.

create new entries:

1) a REG_DWORD entry called: NoDispBackgroundPage

2) a REG_DWORD entry called: NoDispScrSavPage

As long as their values are both set to 0, your tabs will be back.

Restart Computer

- Are you Tweaked, Twisted, or Torqued over what's happening around us? Join this brand new forum today! The Tweak Show